- 论坛徽章:
- 0
|
我要做个软路由,可是现在就是不好用,具体情况是这样的
WAN vr0=192.168.1.170/24 gateway=192.168.1.1/24
LAN x10=192.168.18.1/24
客户机 192.168.18.101/24
现在就是 客户机可以看见OPENBSD,OPENBSD可以看见192.168.1.1,但是客户机就是看不见192.168.1.1,肯定是我设的NAT规则有问题,因为我已经开了IP转发,还上不去网,记得有人告诉我OPENBSD默认的规则只要改一下就可以了,可是我怎么改也不行,看了PF中文说明,明白是什么意思了,可还是不太明白,是不是我太笨了??发上来我的PF文件,望高手能指导指导我,谢谢
# $OpenBSD: pf.conf,v 1.31 2006/01/30 12:20:31 camield Exp $
#
# See pf.conf(5) and /usr/share/pf for syntax and examples.
# Remember to set net.inet.ip.forwarding=1 and/or net.inet6.ip6.forwarding=1
# in /etc/sysctl.conf if packets are to be forwarded between interfaces.
int_if="x10"
ext_if="vr0"
int_net="192.168.18.0/24"
ext_net="192.168.1.0/24"
#nat on $int_if from $ext_net to any ->($int_if)
pass in on vr0 from x10 to any
pass out on vr0 from any to x10
#table <spamd> persist
#table <spamd-white> persist
#set skip on lo
#scrub in
#nat-anchor "ftp-proxy/*"
#rdr-anchor "ftp-proxy/*"
nat on vr0 from 192.168.18.0/24 to any -> vr0
#rdr pass on $int_if proto tcp to port ftp -> 127.0.0.1 port 8021
#rdr pass on $ext_if proto tcp from <spamd> to port smtp \
# -> 127.0.0.1 port spamd
#rdr pass on $ext_if proto tcp from !<spamd-white> to port smtp \
# -> 127.0.0.1 port spamd
#anchor "ftp-proxy/*"
#block in
#pass out keep state
#pass quick on $int_if
#antispoof quick for { lo $int_if }
#pass in on $ext_if proto tcp to ($ext_if) port ssh keep state
#pass in log on $ext_if proto tcp to ($ext_if) port smtp keep state
#pass out log on $ext_if proto tcp from ($ext_if) to port smtp keep state |
|
免费注册
发表于 2006-06-29 15:30